If a key got lost, in foreign hands... whatever... and needs to be
revoked the user will install a new keypair & cert.

Since Horde can handle only one cert the user could not keep his old
key in horde. This means: The user could no longer read his
old,crypted mails with his old key.

My wish would something like this:

Manage several private certs/keys and then let the user decide which
cerst should be used per identity/address. F.e. let the user pick the
right cert in the "Personal Information" menue and manage all
installed cerst (still) in the S/MIME menue.